Malware accesses data on 90,000 patients

An employee at University of Washington Medicine in Seattle exposed the personal information of Harborview Medical Center and UW Medical Center patients, after opening a malicious attachment in a phishing email.

“UW Medicine says that it conducted an internal investigation and does not believe that patient data was sought or targeted in the attack. Despite this belief, the malware is said to have accessed the personal information of more than 90,000 current and former patients,” Kaspersky Lab reports.

The breach took place in October, when an unnamed piece of malicious software took control of the employee’s computer. The infection went unnoticed for one day before staff members “took measures to prevent any further malicious activity,” according to a UW Medicine press release.

UW Medicine says it will attempt to contact each individual affected via email. 

The affected computer contained names, medical record numbers, “other demographics (which may include address, phone number),” dates of service, charge amounts for services received, dates of birth, and Social Security Numbers or Health Insurance Claim (Medicare) numbers.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.